G Photos with Gservices

E24

If I have g photos with minimal permissions and then g services with network what kind of data can Google collect?

other8026

E24 Basically, anything you do in either of those apps and anything those apps have access to. It would also be helpful to read the following two sections from the website:

aquila-enu

other8026 hi, sorry for necroing this post. Since the OP asked what kind of data Google can collect with GPhotos without network and Gservices with network, and you said anything you do in either of those apps and what they have access to, does this mean Google (server) has access to our Photos, which implies these 2 apps talk to each other?

I found another claim from unwat (sorry idk how to link directly to the comment) that

Firstly, any claim that Google apps circumvent being blocked from the internet via Google Play Services is hypothetical. We know they can, not that they do. If internet access is revoked for all the Google apps, then there's no way for them to communicate with Google servers, hypothetical or not. No other app/service on Android (AOSP) / GrapheneOS will help these apps circumvent their internet restriction even though Android is developed by Google.

Is what you're saying conflicting to the claim above? Asking because I also use sandboxed google play with play networks having network access but Gphotos and Gcam network access off. Now I'm wondering if Google truly have access to my photos then.

Thanks!

cla-me

G-evil have access to everything you have hosted under their pry evil eyes, emails, photos, files under drive, everything... Stay away from them, switch to a zero- knowledge E2EE (end to end encrypted provider).
May I suggest?
Email: tuta, protonmail, mailfence, mailbox.
Drive: filen, sync, protondrive, nordlocker.
Search engine: DuckDuckGo, StartPage
Browsers: Brave, DuckDuckGo, Firefox.
Do your research and find the one that suits your needs.

Tryptamine

cla-me or... You can turn off Google's "web and app activity" setting and delete your data to minimize how much data it collects when you use search and Google apps...

In Google's privacy controls there are a lot of other controls to turn off. If you have Google Services installed go to Google Settings and delete your advertising ID too.

Vagabond8630

I found that Google Photos has the best editing functions and best UI to manage my photos, so I use Google Photos with network permissions revoked and I don't sync any photos to my account.

This way, none of my data gets sent to Google's servers, but I can still benefit from the functions of the Google Photos app. Same with the Pixel Camera app.

de0u

aquila-enu It is natural that many people wish to use proprietary closed-source software without compromising privacy, and to, because of that, look for recipes to turn potentially privacy-invasive software into privacy-respecting software. But that is often not possible.

It is a fact that on Android applications can communicate with each other via IPC. Android was designed that way, so that apps can cooperate with each other to get things done that users want. An example of this is sharing a photo: an app with a photo to share contacts apps that are capable of accepting the photo.

It is also a fact that Android apps can be, and often are, written to temporarily work offline if a network connection is unavailable. This includes building a "todo list" of communication actions to take when a network connection is later available. One example of this would be when a user edits a local copy of a file when there is no network connection; the app can remember to transmit the file to a cloud server when a network connection is available later.

All in all, it is absolutely technically possible for a photo app (such as Photos) that has no network connection to share a photo with a framework app (such as Play Services) that does have a network connection, and for the framework app to send the photo to some server. This is not necessarily nefarious! One reason for writing a framework app is so that multiple apps can offload code and management cycles to the framework app. In some cases it is possible that the user-facing app (such as Photos) would be designed to never access the network on its own and always delegate network traffic to a framework app.

It is also possible for a photo app that has no network connection to share a photo with a framework app that also doesn't have a network connection now, and for the framework app to send the photo to some server later when it does have a network connection.

So:

It would be nice if removing the Network permission from a photo app caused the photo app to respect the user's privacy, but that is not necessarily the case,
It would be nice if granting an app the Network permission only every now and then to download plugins meant that the app didn't use the period of network access to transmit information, but that is not necessarily the case,
So far it does not appear that anybody has documented Google Photos using Play Services to upload photos,
But that is absolutely technically possible.

There is no conflict between the two sources you cited. The unwanted behavior is both absolutely technically possible and not proven. In other words, as you quoted, "We know they can, not that they do".

It might make sense to investigate photo apps with privacy policies you find reasonable, including perhaps open-source photo apps, including perhaps donating to authors of open-source photo apps to support improvements in those apps.

Byku

de0u Good post. I'll add to that, some possible ways of minimizing data collection by them include:

isolate Play Services network access with an app like Rethink and allow only mtalk.google.com for push notifications
in app battery permissions deny apps like GPhotos or GCam running in background
don't log in to a Google account if you have one, you can use a separate profile for situations when you need it
All the above seem to work without compromising functionality.

aquila-enu

de0u Thanks for your thorough information. It is definitely eye-opening and I appreciate you taking the time to elaborate on it. The only reason why I use the Gcam is because of the different modes they have. I really wish Graphene cam has more modes, but alas, CameraX doesn't have it yet for Pixel phone. The Google Photos is simply for convenience to preview the photos you took from GCam and to quickly edit them. All in all, it's just for convenience.

I checked out Privacy Guides for most of the FOSS I use, if not all. And so far, I dont see any recommendations for Camera (I personally have no issue with the Gallery app from Graphene). So, if you have any recommendation for a camera app, more than happy to try that out :)

Again thanks a lot for your time.

DeletedUser87

aquila-enu the simple solution is to install Play Services in a different profile (work profile through Shelter, Private Space, secondary user profiles) than GCam and GPhotos. That's how I handle it. Apps can't really communicate between profiles for the most part (except clipboard for example) and it should be enough isolation to stop Play Services from uploading anything from those apps.

aquila-enu

DeletedUser87 if you install Play services on a different profile, how do you maintain updates of your apps? At least for me, most of my apps are retrieved from Sandboxed GPlay.

JollyRancher

Deny Play Services network permission, and if you need to allow it for some reason the first wipe the Play Services storage & cache.

If the apps have already passed data to Play Services and it is waiting for upload then wiping Play Services storage will erase that data and since GOS is making all these apps work differently from how they were intended it is highly unlikely that the apps are going yo attempt to resend data they believe has already been sent.

DeletedUser87

aquila-enu through Aurora for closed source apps and a mix of Droid-Ify and Obtainium for the FOSS stuff. I would drop Play Services altogether if there was a solution for on-device location services, other than that I have no use for Play Services.

aquila-enu

DeletedUser87 ok. But if you used other App Stores to maintain your updates, why would you have Play services in the first place under a different profile?

I'm aware now that this setup doesnt apply to your case, but in my case where I use Sandboxed GPlay, how would one maintain updates if they were put under the different profile?

DeletedUser87

aquila-enu because profiles can be put to sleep - no more talkie talkie to Google. I don't know if that works, but usually you would update apps through a different profile since version mismatches are not possible across profiles in Android. That requires to keep an app installed in a different profile, although you should be able to just disable it.

aquila-enu

DeletedUser87 I see. I didn't know that you could still update apps across profiles. Perhaps the method @JollyRancher said above could also work? So you disable network by default and only enable it when you need it e.g. to update apps, but remove app data first before turning the network back on?

My next question would be, is it accurate to say that all info from other apps retrieved from IPC is stored in the app data?

DeletedUser87

aquila-enu you can't really say when IPC kicks in. It might start once Play Services reconnects to a network and all previous measures would go down the drain. Also, if you always delete Play Services' app data, you will have to start from scratch every time. Logging in will become an annoying chore.

aquila-enu

DeletedUser87 makes sense. Btw I tried installing Play services in pvt space and as expected, it wont detect apps installed in a different space. So it has to be installed in the same space to manage updates.

DeletedUser95

aquila-enu

You could just install the same app that needs updating in both spaces and then disable it in the space that you are not using it in. It then only takes one side getting the update for the other side to also get it.

That's how I mainly have my setup going is Google Play in the private space and then after installing a specific app I want in the private space I use the aurora store to install it in the personal space.

This shouldn't noticeably increase storage consumption if even at all due to how the package manager works.

aquila-enu

DeletedUser95 I see. Thanks! In hindsight, I'll just stick to GOS camera and gallery. I already have a few more closed sourced apps installed and may be a bit tedious to duplicate those as well. Yet much appreciate your insight!